Changing 802.1X Authentication Timers for an Interface
Note
You should change the default values only to adjust for unusual circumstances such as unreliable links or
specific behavioral problems with certain supplicants and authentication servers.
Before you begin
Enable the 802.1X feature on the Cisco NX-OS device.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
DETAILED STEPS
Command or Action
Step 1
configure terminal
Example:
switch# configure terminal
switch(config)#
Step 2
interface ethernet slot/port
Example:
switch(config)# interface ethernet 2/1
switch(config-if)
Step 3
(Optional) dot1x timeout quiet-period seconds
Example:
switch(config-if)# dot1x timeout quiet-period 25
Step 4
(Optional) dot1x timeout ratelimit-period seconds
Example:
switch(config-if)# dot1x timeout ratelimit-period
10
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
194
configure terminal
interface ethernet slot/port
(Optional) dot1x timeout quiet-period seconds
(Optional) dot1x timeout ratelimit-period seconds
(Optional) dot1x timeout server-timeout seconds
(Optional) dot1x timeout supp-timeout seconds
(Optional) dot1x timeout tx-period seconds
(Optional) dot1x timeout inactivity-period seconds
exit
(Optional) show dot1x all
(Optional) copy running-config startup-config
Purpose
Enters global configuration mode.
Selects the interface to configure and enters interface
configuration mode.
Sets the number of seconds that the authenticator waits for
a response to an EAP-request/identity frame from the
supplicant before retransmitting the request. The default
is the global number of seconds set for all interfaces. The
range is from 1 to 65535 seconds.
Sets the number of seconds that the authenticator ignores
EAPOL-Start packets from supplicants that have
successfully authenticated. The default value is 0 seconds.
The range is from 1 to 65535 seconds.
Configuring 802.1X